Overview

File tiff-CVE-2018-17100.patch of Package tiff

Index: tiff-4.0.9/tools/ppm2tiff.c
===================================================================
--- tiff-4.0.9.orig/tools/ppm2tiff.c	2018-10-17 12:25:05.271940872 +0200
+++ tiff-4.0.9/tools/ppm2tiff.c	2018-10-17 12:26:15.468262130 +0200
@@ -72,15 +72,16 @@ BadPPM(char* file)
 	exit(-2);
 }
 
+
+#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
+#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
+
 static tmsize_t
 multiply_ms(tmsize_t m1, tmsize_t m2)
 {
-	tmsize_t bytes = m1 * m2;
-
-	if (m1 && bytes / m1 != m2)
-		bytes = 0;
-
-	return bytes;
+        if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 )
+            return 0;
+        return m1 * m2;
 }
 
 int
openSUSE Build Service is sponsored by
Places